The present disclosure relates to the field of authentication technology, including an authentication method for a terminal device using random expression prompts, an authentication server, and an authentication system.
Smart mobile devices are becoming more and more popular in ordinary human life. As a big trend in banking/commerce services, mobile commerce/banking has emerged. However, security is a difficulty faced by mobile commerce/banking applications. For example, traditional security authentication methods, like USB-key or One-Time Password (OTP), cannot work well on smart phones. Biometric features, such as facial features, fingerprint features, are a kind of “natural password” that is usually unique, and does not need people to memorize. Thus, solutions have been proposed to utilize biometric features on mobile devices for security authentication.
For security authentication techniques based on facial features in the prior art, generally, it is necessary to register user's facial features at first, then authentication can be realized through comparing a user's facial features that are detected in real time and the registered facial features. An improvement to such a solution is to further enhance security through detecting the liveness of user facial features. For example, user liveness is determined through facial gesture detection.
However, it has been found that liveness detection methods in the prior art will fail if a fraud deceives a mobile device, by using a piece of video of a user that has been recorded previously. Note, a reference herein to any prior art is not to be taken as an admission or a suggestion that the content thereof was well-known or was part of the common general knowledge as at the filing date or the priority date of any of the claims.